--- loncom/auth/lonlogout.pm	2006/11/23 01:49:41	1.22
+++ loncom/auth/lonlogout.pm	2007/10/02 01:09:59	1.29
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Logout Handler
 #
-# $Id: lonlogout.pm,v 1.22 2006/11/23 01:49:41 albertel Exp $
+# $Id: lonlogout.pm,v 1.29 2007/10/02 01:09:59 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -41,23 +41,16 @@ sub handler {
 
     #Check for cookie
     my $requrl=$r->uri;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if (!$lonid) {
-	return FORBIDDEN;
-    }
-
+    my $handle = &Apache::lonnet::check_for_valid_session($r);
     #check if cookie still valid
-    my $handle=&LONCAPA::clean_handle($lonid->value);
-    my $lonidsdir=$r->dir_config('lonIDsDir');
-    if ((!-e "$lonidsdir/$handle.id") || ($handle eq '')) {
+    if ($handle eq '') {
 	$r->log_reason("Cookie $handle not valid", $r->filename); 
 	return FORBIDDEN;
     }
 
     #we've got a valid user
     my @profile;
+    my $lonidsdir=$r->dir_config('lonIDsDir');
     &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
     unlink("$lonidsdir/$handle.id");
     my %temp=('logout' => time);
@@ -66,7 +59,15 @@ sub handler {
 			 $env{'user.name'},
 			 $env{'user.home'},
 			 "Logout $ENV{'REMOTE_ADDR'}");
+
     &Apache::loncommon::content_type($r,'text/html');
+
+    #expire the cookie
+    my $c = new CGI::Cookie(-name    => 'lonID',
+			    -value   => '',
+			    -expires => '-10y',);
+    $r->header_out('Set-cookie' => $c);
+
     $r->send_http_header;
     return OK if $r->header_only;
 # -------------------------------------------------------- Menu script and info
@@ -91,16 +92,32 @@ sub handler {
 					   'li' => 'log in again',
 					   'pe' => 'Please either',
 					   'or' => 'or');
-	my $login_url = '/adm/'.($env{'request.sso.login'} ? 'roles' 
-                                                           : 'login');
 	
-	$relogmessage=(<<ENDRELOG);
+	$relogmessage.=(<<ENDRELOG);
 	<h1>$lt{'gb'}!</h1>
+ENDRELOG
+
+	if (!$env{'request.sso.norelogin'}) {
+	    my $relogin_server;
+	    if ($env{'request.sso.reloginserver'}) {
+		$relogin_server = $env{'request.sso.reloginserver'};
+	    }
+	    my $login_url = $relogin_server.'/adm/'.
+		($env{'request.sso.login'} ? 'roles': 'login');
+
+	    $relogmessage.=(<<ENDRELOG);
 	    $lt{'pe'} <a href="javascript:self.close();">$lt{'cw'}</a> $lt{'or'}
 	<a href="$login_url?domain=$env{'user.domain'}">$lt{'li'}</a>.
 ENDRELOG
 
+        }
+	my $domain = $env{'user.domain'};
         if ($env{'request.sso.login'}
+	    && defined($r->dir_config("lonSSOUserLogoutMessageFile_$domain"))) {
+	    open(my $fh,$r->dir_config("lonSSOUserLogoutMessageFile_$domain"));
+	    $relogmessage.= join('',<$fh>);
+	}
+	if ($env{'request.sso.login'}
 	    && defined($r->dir_config('lonSSOUserLogoutMessageFile'))) {
 	    open(my $fh,$r->dir_config('lonSSOUserLogoutMessageFile'));
 	    $relogmessage.= join('',<$fh>);
@@ -115,10 +132,15 @@ $windowinfo
 $relogmessage
 $end_page
 ENDDOCUMENT
-    &Apache::lonnet::flushcourselogs();
+    $r->register_cleanup(\&flush_course_logs);
     return OK; 
 }
 
+sub flush_course_logs {
+    &Apache::lonnet::flushcourselogs();
+    return OK;
+}
+
 1;
 __END__